Collisions on Feistel-MiMC and univariate GMiMC
MiMC and GMiMC are families of MPC-friendly block ciphers and hash functions. In this note, we show that the block ciphers MiMC-2n/n (or Feistel-MiMC) and univariate GMiMC are vulnerable to an attack which allows a key recovery in $2^{n/2}$ operations. This attack, which is reminiscent of a slide attack, only relies on their weak key schedules, and is independent of the round function ($x^3$ here) and the number of rounds.
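The key-schedule weakness the note refers to can be checked on a toy instance. The code below is an added example, not code from the paper: it assumes the Feistel-MiMC round (L, R) -> (R + (L + k + c_i)^e, L) over a small prime field with the same key k reused in every round and public constants c_i, and verifies that encryption under k is the same as encryption under key 0 of the inputs shifted by k, minus k, whatever the exponent or round count.

```python
import random

# Constructed toy parameters (assumption): a small prime field and fixed public
# round constants stand in for the real cipher's large field and constants.
P = 2**13 - 1
ROUNDS = 20
_rng = random.Random(1)
CONSTANTS = [_rng.randrange(P) for _ in range(ROUNDS)]


def feistel_mimc(left, right, key, exponent=3, rounds=ROUNDS):
    """Feistel-MiMC-style encryption with the weak key schedule:
    the same key is added in every round, only the constant c_i changes."""
    for i in range(rounds):
        f = pow((left + key + CONSTANTS[i % ROUNDS]) % P, exponent, P)
        left, right = (right + f) % P, left
    return left, right


def key_translation_holds(key, exponent=3, rounds=ROUNDS, trials=64):
    """Check E_k(L, R) == E_0(L + k, R + k) - (k, k) on random inputs.

    One round maps (L + k, R + k) under key 0 to
    (R + k + (L + k + c_i)^e, L + k), i.e. the key-k output plus (k, k),
    so the offset survives every round regardless of e or the round count."""
    rng = random.Random(key)
    for _ in range(trials):
        l, r = rng.randrange(P), rng.randrange(P)
        with_key = feistel_mimc(l, r, key, exponent, rounds)
        shifted = feistel_mimc((l + key) % P, (r + key) % P, 0, exponent, rounds)
        if with_key != ((shifted[0] - key) % P, (shifted[1] - key) % P):
            return False
    return True


if __name__ == "__main__":
    print("x^3, 20 rounds:", key_translation_holds(1234))
    print("x^5,  7 rounds:", key_translation_holds(77, exponent=5, rounds=7))
```

Because the relation ties the keyed cipher to a fixed, key-less permutation, the secret key reduces to an unknown translation of the inputs, which is the structural property a slide-style attack exploits and which a per-round key derivation would remove.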